Accepting request 49901 from network:utilities

Copy from network:utilities/wget based on submit request 49901 from user coolo

OBS-URL: https://build.opensuse.org/request/show/49901
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/wget?expand=0&rev=13
This commit is contained in:
OBS User autobuild 2010-10-07 20:16:37 +00:00 committed by Git OBS Bridge
parent 14c67d3623
commit 7f57011928
7 changed files with 172 additions and 82 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:8b7f52e2861b89c3ee0cc10c3665af5b705d0cb7fc00bca59a9b1e2b50e027fb
size 954561

3
wget-1.12.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c823d938e2f849305a101c0860229b123d7564c26470fdac9118d85e3c7dba9a
size 1609032

96
wget-libproxy.patch Normal file
View File

@ -0,0 +1,96 @@
Index: wget-1.12/configure.ac
===================================================================
--- wget-1.12.orig/configure.ac
+++ wget-1.12/configure.ac
@@ -353,6 +353,22 @@ then
AC_DEFINE([HAVE_MD5], 1, [Define if we're compiling support for MD5.])
fi
+dnl
+dnl libproxy support
+dnl
+AC_ARG_ENABLE(libproxy,
+ [ --enable-libproxy libproxy support for system wide proxy configuration])
+if test "${enable_libproxy}" != "no"
+then
+ PKG_CHECK_MODULES([libproxy], [libproxy-1.0], [enable_libproxy=yes], [enable_libproxy=no])
+fi
+if test "${enable_libproxy}" = "yes"
+then
+ AC_SUBST(libproxy_CFLAGS)
+ AC_SUBST(libproxy_LIBS)
+ AC_DEFINE([HAVE_LIBPROXY], 1, [Define when using libproxy])
+fi
+
dnl **********************************************************************
dnl Checks for IPv6
dnl **********************************************************************
Index: wget-1.12/src/Makefile.am
===================================================================
--- wget-1.12.orig/src/Makefile.am
+++ wget-1.12/src/Makefile.am
@@ -36,7 +36,7 @@ endif
# The following line is losing on some versions of make!
DEFS = @DEFS@ -DSYSTEM_WGETRC=\"$(sysconfdir)/wgetrc\" -DLOCALEDIR=\"$(localedir)\"
-LIBS = @LIBSSL@ @LIBGNUTLS@ @LIBICONV@ @LIBINTL@ @LIBS@
+LIBS = @LIBSSL@ @LIBGNUTLS@ @LIBICONV@ @LIBINTL@ @libproxy_LIBS@ @LIBS@
bin_PROGRAMS = wget
wget_SOURCES = cmpt.c connect.c convert.c cookies.c ftp.c \
Index: wget-1.12/src/retr.c
===================================================================
--- wget-1.12.orig/src/retr.c
+++ wget-1.12/src/retr.c
@@ -55,6 +55,10 @@ as that of the covered work. */
#include "html-url.h"
#include "iri.h"
+#ifdef HAVE_LIBPROXY
+#include "proxy.h"
+#endif
+
/* Total size of downloaded files. Used to enforce quota. */
SUM_SIZE_INT total_downloaded_bytes;
@@ -1134,7 +1138,40 @@ getproxy (struct url *u)
break;
}
if (!proxy || !*proxy)
+#ifdef HAVE_LIBPROXY
+ {
+ pxProxyFactory *pf = px_proxy_factory_new();
+ if (!pf)
+ {
+ logprintf (LOG_VERBOSE, _("Allocating memory for libproxy failed"));
+ return NULL;
+ }
+ int i;
+ char direct[] = "direct://";
+
+ logprintf (LOG_VERBOSE, _("asking libproxy about url '%s'\n"), u->url);
+ char **proxies = px_proxy_factory_get_proxies(pf, u->url);
+ if (proxies[0])
+ {
+ char *check = NULL;
+ asprintf(&check , "%s", proxies[0]);
+ logprintf (LOG_VERBOSE, _("libproxy suggest to use '%s'\n"), check);
+ if(strcmp(check ,direct) != 0)
+ {
+ asprintf(&proxy , "%s", proxies[0]);
+ logprintf (LOG_VERBOSE, _("case 2: libproxy setting to use '%s'\n"), proxy);
+ }
+ }
+ for(i=0;proxies[i];i++) free(proxies[i]);
+ free(proxies);
+ free(pf);
+
+ if (!proxy || !*proxy)
+ return NULL;
+ }
+#else
return NULL;
+#endif
/* Handle shorthands. `rewritten_storage' is a kludge to allow
getproxy() to return static storage. */

View File

@ -1,48 +0,0 @@
--- src/openssl.c
+++ src/openssl.c
@@ -481,6 +481,7 @@
{
X509 *cert;
char common_name[256];
+ int len1, len2;
long vresult;
bool success = true;
@@ -562,9 +563,34 @@
UTF-8 which can be meaningfully compared to HOST. */
common_name[0] = '\0';
- X509_NAME_get_text_by_NID (X509_get_subject_name (cert),
- NID_commonName, common_name, sizeof (common_name));
- if (!pattern_match (common_name, host))
+ len1 = X509_NAME_get_text_by_NID (X509_get_subject_name (cert),
+ NID_commonName, NULL, 0);
+ len2 = X509_NAME_get_text_by_NID (X509_get_subject_name (cert),
+ NID_commonName, common_name,
+ sizeof(common_name));
+ if (len1 < 0 || len2 < 0)
+ {
+ logprintf (LOG_NOTQUIET, _("\
+%s: certificate has no common name.\n"),
+ severity);
+ success = false;
+ }
+ if (len1 != len2)
+ {
+ logprintf (LOG_NOTQUIET, _("\
+%s: certificate common name is %d bytes long, maximum allowed is %d.\n"),
+ severity, len1, sizeof(common_name)-1);
+ success = false;
+ }
+ else if (len2 != strlen(common_name))
+ {
+ logprintf (LOG_NOTQUIET, _("\
+%s: certificate common name contains a NULL character: '%s\\0%s'.\n"),
+ severity, escnonprint (common_name),
+ escnonprint (common_name + strlen(common_name)+1));
+ success = false;
+ }
+ else if (!pattern_match (common_name, host))
{
logprintf (LOG_NOTQUIET, _("\
%s: certificate common name `%s' doesn't match requested host name `%s'.\n"),

View File

@ -1,3 +1,43 @@
-------------------------------------------------------------------
Sun Aug 15 16:37:02 CEST 2010 - dimstar@opensuse.org
- Update to version 1.12:
+ SECURITY FIX: It had been possible to trick Wget into accepting
SSL certificates that don't match the host name, through the
trick of embedding NUL characters into the certs' common name
+ Added support for CSS. This includes:
- Parsing links from CSS files, and from CSS content found in
HTML style tags and attributes.
- Supporting conversion of links found within CSS content, when
--convert-links is specified.
- Ensuring that CSS files end in the ".css" filename extension,
when --convert-links is specified.
+ Added support for Internationalized Resource Identifiers
+ Wget now provides more sensible exit status codes when
downloads don't proceed as expected
+ --default-page option (and associated wgetrc command) added to
support alternative default names for index.html.
+ --ask-password option (and associated wgetrc command) added to
support password prompts at the console.
+ The --input-file option now also handles retrieving links from
an external file.
+ The output generated by the --version option now includes
information on how it was built, and the set of configure-time
options that were selected.
+ --html-extension has been renamed to --adjust-extension, to
reflect the fact that it now also applies to CSS content
+ An "ascii" specifier is now accepted by --restrict-file-names,
which forces the percent-encoding of all non-ASCII bytes
+ Several previously existing, but undocumented .wgetrc options
are now documented.
- Drop upstream fixed wget-nullcerts.patch.
- Minor spec-cleanups using spec-cleaner
- Use smp_mflags
- Add libproxy-devel BuildRequires and enable libproxy support
using wget-libproxy.patch.
- Add pkg-config BuildRequire to succeed with the bootstrap on
openSUSE < 11.3.
-------------------------------------------------------------------
Wed Dec 16 11:09:16 CET 2009 - jengelh@medozas.de

View File

@ -1,7 +1,7 @@
#
# spec file for package wget (Version 1.11.4)
# spec file for package wget (Version 1.12)
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -15,50 +15,47 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# norootforbuild
Name: wget
BuildRequires: libpng-devel openssl-devel
Url: http://www.gnu.org/software/wget/
Version: 1.12
Release: 1
License: GPLv3+
Group: Productivity/Networking/Web/Utilities
AutoReqProv: on
Version: 1.11.4
Release: 8
Summary: A Tool for Mirroring FTP and HTTP Servers
Url: http://www.gnu.org/software/wget/
Group: Productivity/Networking/Web/Utilities
Source: %name-%version.tar.bz2
Patch1: wgetrc.patch
Patch2: wget-nullcerts.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
# PATCH-MISSING-TAG -- See http://wiki.opensuse.org/Packaging/Patches
Patch0: wgetrc.patch
# PATCH-FEATURE-UPSTREAM wget-libproxy.patch dimstar@opensuse.org -- Add libproxy support to wget
Patch1: wget-libproxy.patch
BuildRequires: libpng-devel
BuildRequires: libproxy-devel
BuildRequires: openssl-devel
BuildRequires: pkg-config
PreReq: %install_info_prereq
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
Wget enables you to retrieve WWW documents or FTP files from a server.
This can be done in script files or via the command line.
Authors:
--------
Hrvoje Niksic <hniksic@srce.hr>
%prep
%setup -q
%patch1
%patch2
%patch0
%patch1 -p1
%build
./autogen.sh
%configure
make %{?jobs:-j%jobs}
make %{?_smp_mflags}
%install
make DESTDIR=$RPM_BUILD_ROOT install
%makeinstall
%find_lang %{name}
%clean
rm -rf $RPM_BUILD_ROOT;
rm -rf %{buildroot};
%post
%install_info --info-dir=%{_infodir} %{_infodir}/%{name}.info.gz

View File

@ -1,9 +1,14 @@
--- doc/sample.wgetrc
Index: doc/sample.wgetrc
===================================================================
--- doc/sample.wgetrc.orig
+++ doc/sample.wgetrc
@@ -110,3 +110,6 @@
# To have Wget follow FTP links from HTML files by default, set this
# to on:
#follow_ftp = off
+
+# Let the DNS resolver decide whether to prefer IPv4 or Pv6
@@ -114,6 +114,9 @@
# To try ipv6 addresses first:
#prefer-family = IPv6
+#
+# Let the DNS resolver decide whether to prefer IPv4 or IPv6
+prefer-family = none
# Set default IRI support state
#iri = off